At the last TechEd Africa, Microsoft put all the speakers up in The Hilton in Durban. It was around 4AM (a few hours before the closing keynote), and @rmaclean, some other speakers, and myself, decided to see how hard it would be to get into someone’s room.

We came up with the following routine: One person pretends to be almost blackout drunk, and then another sober person helps them to the front desk. The sober person explains that they are trying to get this drunk friend back to the drunk friends room, but they don’t have the key.

It’s worth noting that nothing here is particularly advanced, and neither is my security knowledge – which is sort of what makes this scary.

If you don’t want to read the details, here is a summary:

Ster-Kinekor had a vulnerability in their site/api that allowed anyone to get the profile details of every single user in their system. Those details included names, addresses, phone numbers, and plain text passwords (amongst a lot of other fields that you can see below).

To be clear, this wasn’t a hard thing to find at all, and from Ster-Kinekors side, it was just pure negligence. Not only did the API hand off details to anyone, they were also storing password in their database in plaintext (and returning those to the client!).

In VALA I’ve been animating a cut-scene, and made the silly mistake of putting my Animator component on the character instead of on a root object. This means that the Animator isn’t able to move anything except the character (because they are not in the same hierarchy).

In the image below, my Animator was on Scientist, instead of ScientistRoot, meaning that I couldn’t use it to animate ScientistTerminal when he touches it.

So here is a quick tip to move the Animator to the root GameObject – which Unity doesn’t support, but really should.

Timeline

At 12pm 7 September a colleague of mine received the email from eThekwini, and told me the password was in plain text.

Presumably they were staging emails because at at 4:31pm 7 September I received the same email. The password was in plain-text, and was my actual password, not a newly generated one.
This means they were either storing the passwords in plain-text, or encrypting them and storing that – both of which are obviously bad, because if they can decrypt it, chances are so can someone else.

I thought it would be fun to make a little FlappyBird clone using an ultrasonic sensor as the controller.
So I threw this together yesterday:

What you’re seeing there is an ultrasonic sensor on the table reading how far my hand is away from it, then it sends that value over WiFi to the Unity3D game, which then maps that to the plane movements.Continue reading →

Use your Windows device to browse and search for products on PriceCheck from South Africa’s latest catalogue offers, wherever you are. Once you’ve decided which product you would like to buy, you can use the included store locator, maps and merchant contact details to find a relevant stockist. Other features of the PriceCheck app include:

Logic tells us that a box collider in Unity3D will be more performant than a mesh collider simply because it is less complex. But I had an impulse a couple days ago to test it out myself. This doesn’t really scratch the surface of every use-case.

I went to the AssetStore and picked out a fairly simple free armchair model. I then made two different prefabs, one with a convex mesh collider, and the other with a box collider.

Then I made a script to spawn a 40×40 grid of a type and let them fall onto two planes. That means a total of 1600 armchairs were doing discrete physics updates, which will kill even the best of the PC master-race.

On the left side we have the mesh collider, and on the right is the box collider. Click the gif to goto a full-size version which has a bar to manually scrub through.

As expected, the summary is that the mesh collider is incredibly slower (sometimes even 20x slower) than the box collider. And in this case the mesh collider is actually pretty simple. Something worth pointing out is that although the graphs sort of line up, their scale is totally different, so take a proper look at the number on it.

Now for bonus points, here is a pretty scene of a stupid amount of spheres attacking the streets of New York.

After a while I figured out that this error is totally misleading, and the real problem is that your Nuget package source has been disabled. I have a feeling this was related to installing Visual Studio 15 preview.

A couple of years ago I wrote a guide for getting Netflix in South Africa, which still gets thousands of hits a month. A lot has changed since then – notably, Netflix has finally launched in South Africa, and a bunch of local VOD services have launched (ShowMax, Vidi, and some other small ones).

But even though Netflix is now in SA, the content is really limited. This isn’t Netflix’ fault, but comes down to licensing and what makes commercial sense. For this reason, the guide linked at the top is still 100% valid, and will open up tons of extra content.

Since the Netflix SA launch there has been lots of media comparing Netflix with ShowMax (and others), however none of them really go into any detail, and the actual data they have seems pretty inaccurate.